CVE-2021-43481

An SQL Injection vulnerability exists in Webtareas 2.4p3 and earlier via the $uq HTTP POST parameter in editapprovalstage.php.

References

https://sourceforge.net/projects/webtareas/

https://behradtaher.dev/2021/11/05/Discovering-a-Blind-SQL-Injection-Whitebox-Approach/

http://packetstormsecurity.com/files/167026/WebTareas-2.4-SQL-Injection.html